f829abc61e74e3435bbf30681ea114131dd6ee05110fead6fee1f098cfd65f87

Sharing

Copy URL

Twitter E-mail

General

Target

f829abc61e74e3435bbf30681ea114131dd6ee05110fead6fee1f098cfd65f87
Size

208KB
MD5

136abada665cceb7a0435e8a1814a622
SHA1

17909511d29fdf56abe3196e386fd41d0ac23cec
SHA256

f829abc61e74e3435bbf30681ea114131dd6ee05110fead6fee1f098cfd65f87
SHA512

21055aa214d5f7452383ed97a6fc8bef55a7f10988b841bf790357801679bf75cda9b3c9649bbe794c2ad5937aed953ed781aa0b5a2336e4191de1d1bbb27733
SSDEEP

6144:EfQqBbF5VbaplWotat+f6ptmbs99w3tnt0:4Pf5VGyota4f6DxQ92

Score

N/A

Malware Config

Signatures

Files

f829abc61e74e3435bbf30681ea114131dd6ee05110fead6fee1f098cfd65f87
.exe windows x86

5b124d37c1feb3d48ec6b7f44f3a95b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClientToScreen
IsRectEmpty
GetClientRect
GetWindowLongW
PeekMessageW
SetCursor
IsWindow
InvalidateRect
CheckRadioButton
EnableWindow
MoveWindow
LoadCursorW
DestroyWindow
GetAsyncKeyState
GetDesktopWindow
SetWindowLongW
GetDlgItem
DefWindowProcW
CreateDialogParamW
SetDlgItemInt
LoadStringW
DispatchMessageW
SendMessageW
ShowWindow
IsWindowVisible
GetDlgItemInt
CheckDlgButton
GetWindowRect
GetDC
SetDlgItemTextW
TranslateMessage
ReleaseDC

ntdll

DbgPrintEx
CsrCaptureTimeout
DbgPrintReturnControlC
DbgBreakPoint
CsrCaptureMessageString
CsrSetPriorityClass
CsrFreeCaptureBuffer
CsrClientConnectToServer
CsrCaptureMessageMultiUnicodeStringsInPlace
CsrAllocateCaptureBuffer
DbgQueryDebugFilterState
CsrCaptureMessageBuffer
CsrGetProcessId
CsrClientCallServer
DbgPrint
DbgSetDebugFilterState
DbgPrompt
CsrIdentifyAlertableThread

kernel32

VirtualFree
GetQueuedCompletionStatus
GetFileAttributesW
GetCurrentThread
GetSystemTimeAsFileTime
lstrlenW
ResetEvent
WaitForSingleObject
InterlockedIncrement
GetThreadPriority
SetFilePointer
ReleaseSemaphore
GlobalMemoryStatus
LeaveCriticalSection
CloseHandle
lstrlenA
IsBadWritePtr
IsBadReadPtr
CreateThread
GetCurrentProcessId
lstrcpynW
LoadLibraryW
lstrcmpW
CreateSemaphoreW
lstrcmpiW
QueryPerformanceCounter
GlobalAlloc
HeapAlloc
FreeLibrary
IsBadCodePtr
WideCharToMultiByte
GetDiskFreeSpaceW
HeapFree
GetLocaleInfoW
CreateFileW
GetProfileIntA
ReadFile
SetThreadPriority
GetModuleFileNameA
GlobalFindAtomA
GetFullPathNameW
InitializeCriticalSection
GetPrivateProfileStringW
GlobalHandle
GetProcAddress
SetEvent
DeleteCriticalSection
GlobalLock
InterlockedExchange
GetLocaleInfoA
GetFileSize
MulDiv
GetACP
InterlockedDecrement
GlobalFree
SetUnhandledExceptionFilter
GetCurrentProcess
MultiByteToWideChar
SetEndOfFile
EnterCriticalSection
GlobalUnlock
CreateEventW
WriteFile
GetTickCount
lstrcpyA
GetVersionExW
WaitForMultipleObjects
GetProcessHeap
lstrcpyW
GetLastError

oleaut32

VarBstrFromUI8
VarBstrFromI2
VarBstrFromUI4
VarBstrFromUI2
VarBstrFromI8
VarBstrFromR4
VarBstrFromDec
VarBstrFromI4
VarBstrFromI1
VarBstrFromDate
VarBstrFromUI1
VarBstrFromDisp
VarBstrFromR8
VarBstrFromCy

newdev

InstallNewDevice
UpdateDriverForPlugAndPlayDevicesA
InstallWindowsUpdateDriver
InstallSelectedDriver
UpdateDriverForPlugAndPlayDevicesW

netshell

StartNCW
DllGetClassObject
NcIsValidConnectionName

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b124d37c1feb3d48ec6b7f44f3a95b0

Headers

File Characteristics

Imports

user32

ntdll

kernel32

oleaut32

newdev

netshell

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 32KB - Virtual size: 6.1MB

.rsrc Size: 1024B - Virtual size: 980B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 32KB - Virtual size: 6.1MB

.rsrc
Size: 1024B - Virtual size: 980B

.reloc
Size: 1KB - Virtual size: 1KB